This script periodically crawls all Apache project and podling websites to check them for a few specific links or text blocks that all projects are expected to have. The checks include verifying that all required links appear on a project homepage, along with an "image" check if project logo files are in apache.org/img
The script also checks for 3rd party resource references that might be in conflict with our privacy policy.
The Content-Security-Policy (Csp) check is a work in progress: it only checks that the default settings have not been over-ridden. It does not check if the host exceptions have been approved.
View the crawler code, website display code, validation checks details, and raw JSON data.
Last crawl time: Fri, 31 Oct 2025 06:10:46 GMT over 219 websites.
| Check Type | Check Results | Check Description |
|---|---|---|
| Uri | https://struts.apache.org/ | |
| Foundation | The Apache Software Foundation | |
| Events |
URL expected to match regular expression:
^https?://((www\.)?apache\.org/events/current-event|events\.apache\.org|www\.apachecon\.com/event-images/snippet\.js)
Projects SHOULD include a link to any current CommunityOverCode event, or to the events.apache.org site, as provided by VP, Conferences. |
|
| License | http://www.apache.org/licenses/ | |
| Thanks | https://www.apache.org/foundation/thanks.html | |
| Security | https://struts.apache.org/security/ | |
| Sponsorship | https://www.apache.org/foundation/sponsorship.html | |
| Trademarks | . Apache Struts, Struts, Apache, the Apache feather logo, and the Apache Struts project logos are trademarks of The Apache Software Foundation. All Rights Reserved. | |
| Copyright | Copyright © 2000-2025 The Apache Software Foundation. | |
| Privacy | https://privacy.apache.org/policies/privacy-policy-public.html | |
| Resources | Found 9 external resources: {"ERROR Refused to load the script 'https://connect.facebook.net/en_US/all.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, ""=>4, "ERROR Refused to load the script 'https://apis.google.com/js/plusone.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://platform.twitter.com/widgets.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, "ERROR Refused to connect to 'https://api.github.com/repos/apache/struts' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to frame 'https://platform.twitter.com/' because it violates the following Content Security Policy directive: \"frame-src 'self' data: blob: https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\"."=>1} |
Text of a link expected to match regular expression:
Found \d+ external resources
Websites must not link to externally hosted resources |
| Image | struts.svg | |
| Csp_check | OK |